Abstract
The KASUMI block cipher imparts confidentiality and integrity to the 3G mobile communication systems. In this paper we present power analysis attack on KASUMI as a two-pronged attack: first the FL function is targeted, and subsequently the recovered output of FL function is used to mount attack on \(7\times 7\) and \(9\times 9\) S-boxes embedded in the FO function of the cipher. Our attack recovers all 128 bits of the secret key of KASUMI. Further, we present a countermeasure for this attack which requires lesser resource footprint as compared to existing countermeasures, rendering such implementations practically feasible for resource-constrained applications, such as IoT and RFID devices.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_26
ApS, N.: unabto (2015). https://github.com/nabto/unabto/blob/master/3rdparty/libtomcrypt/src/ciphers/kasumi.c
Biham, E., Dunkelman, O., Keller, N.: A related-key rectangle attack on the full KASUMI. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 443–461. Springer, Heidelberg (2005). https://doi.org/10.1007/11593447_24
Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30564-4_5
Blunden, M., Escott, A.: Related key attacks on reduced round KASUMI. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 277–285. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_23
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2
Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26
Chen, Z., Zhou, Y.: Dual-rail random switching logic: a countermeasure to reduce side channel leakage. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 242–254. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_20
Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27
Iwata, T., Kohno, T.: New security proofs for the 3GPP confidentiality and integrity algorithms. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 427–445. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-25937-4_27
Jia, K., Li, L., Rechberger, C., Chen, J., Wang, X.: Improved cryptanalysis of the block cipher KASUMI. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 222–233. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35999-6_15
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Kühn, U.: Cryptanalysis of reduced-round MISTY. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 325–339. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_20
Masoumi, M., Moghadam, S.S.: A simulation-based correlation power analysis attack to FPGA implementation of KASUMI block cipher. Int. J. Internet Technol. Secur. Trans. 7(2), 175–191 (2017)
Matsui, M., Tokita, T.: MISTY, KASUMI and camellia cipher algorithm development. Mitsibishi Electr. Adv. (Mitsibishi Electr. Corp.) 100, 2–8 (2001)
Nassar, M., Souissi, Y., Guilley, S., Danger, J.L.: RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1173–1178. IEEE (2012)
Nguyen, P.H., Robshaw, M.J.B., Wang, H.: On related-key attacks and KASUMI: the case of A5/3. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 146–159. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25578-6_12
Oswald, E., et al.: OpenSCA, an open source toolbox for MATLAB (2008)
Popp, T., Mangard, S.: Masked dual-rail pre-charge logic: DPA-resistance without routing constraints. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 172–186. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_13
Popp, T., Mangard, S., Oswald, E.: Power analysis attacks and countermeasures. IEEE Des. Test Comput. 24(6) (2007)
Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 413–427. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15031-9_28
Satoh, A., Morioka, S.: Small and high-speed hardware architectures for the 3GPP standard cipher KASUMI. In: Chan, A.H., Gligor, V. (eds.) ISC 2002. LNCS, vol. 2433, pp. 48–62. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45811-5_4
Sugio, N., Aono, H., Hongo, S., Kaneko, T.: A study on higher order differential attack of KASUMI. IEICE Trans. Fundam. Electron., Commun. Comput. Sci. 90(1), 14–21 (2007)
Trichina, E., Korkishko, T., Lee, K.H.: Small size, low power, side channel-immune AES coprocessor: design and synthesis results. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2004. LNCS, vol. 3373, pp. 113–127. Springer, Heidelberg (2005). https://doi.org/10.1007/11506447_10
Wang, Z., Dong, X., Jia, K., Zhao, J.: Differential fault attack on KASUMI cipher used in GSM telephony. Math. Prob. Eng. 2014, 1–7 (2014)
Zhou, Y., Feng, D.: Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive 2005/388 (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Gupta, D., Tripathy, S., Mazumdar, B. (2018). Correlation Power Analysis on KASUMI: Attack and Countermeasure. In: Chattopadhyay, A., Rebeiro, C., Yarom, Y. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2018. Lecture Notes in Computer Science(), vol 11348. Springer, Cham. https://doi.org/10.1007/978-3-030-05072-6_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-05072-6_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05071-9
Online ISBN: 978-3-030-05072-6
eBook Packages: Computer ScienceComputer Science (R0)